exploitDog

CVE-2020-28337

Published: 15 Feb 2021
Source: nvd
CVSS3: 7.2
CVSS2: 6.5
EPSS: Medium

Description

A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administrative user, upload a maliciously constructed ZIP file with file paths including relative paths (i.e., ../../), move this file into the backup directory, and execute a restore on this file.

Vulnerable configurations

Configuration 1
cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*
Versions up to and including 1.1.20

EPSS

Percentile: 94%
0.1411
Medium

7.2 High

CVSS3

6.5 Medium

CVSS2

Weaknesses

CWE-22

Related vulnerabilities

CVSS3: 7.2
github
almost 4 years ago

Zip slip in Microweber
